Working with DSC and SharePoint

**UPDATE:** I have modified the script and provided better how-to steps; follow these links: How to... and Script download. Please keep reading to understand how the scripts DSCConfig_SimpleFarm.ps1 and DSCConfigData_SP2016.psd1 work.

Hello All,

Hopefully you have heard about PowerShell Desired State Configuration (DSC) by now, and if you’re reading this I assume you are getting hungry to use it... and I cannot blame you. I have been working with a customer to deploy the script recently and have fallen in love with this technology.

In this series of blogs I will walk you thru configuring your DSC server, configuring DSC on the SharePoint servers, setting up the configuration files, and deploying them. The end result is a fully installed and configured farm. I have created scripted resources to help you with each step when you are ready to take this into Dev and Prod.

First of all, if you are still fuzzy on how DSC works, here are some great resources to read thru:

    1. https://blogs.technet.microsoft.com/privatecloud/2013/08/30/introducing-powershell-desired-state-configuration-dsc/
    2. https://blogs.technet.microsoft.com/ashleymcglone/tag/desired-state-configuration/
    3. https://channel9.msdn.com/Events/TechEd/Europe/2013/MDC-B302#fbid=mhhzaiP6RCb

And now let’s talk about configuring the DSC server itself. This is the server where you will store the instructions for the client machines (MOF files) and the modules that will be pulled to your clients. I also recommend storing all the extra items for SharePoint here, like your installation bits, prereq install bits, etc.

I recommend that you set up your DSC server as a pull server, and that is what I will walk you thru. For more information about Push vs Pull, please see this documentation: https://blogs.msdn.microsoft.com/powershell/2013/11/26/push-and-pull-configuration-modes/

Lastly, my instructions assume that your servers are running WMF 5.1; they won’t work with lower versions.

And now for the fun part: I will introduce you to two important files. I will walk you thru setting up what you need for now, and later on I will explain much more about them. So, bear with me as we learn to walk before we run. The two files are the configuration file (DSCConfig.ps1) and the configuration data file (DSCConfigData.psd1).

I have prepared copies of these files that will install and configure a SharePoint farm. You can find them here: https://gallery.technet.microsoft.com/scriptcenter/SharePoint-DSC-Configuratio-101bbd71

The configuration file contains general instructions for what you want to have happen on your client machines, i.e. install SharePoint or create a farm/join a farm. You can use this file for multiple environments to help ensure that each environment is created and configured the same way. Till you’re comfortable with the different modules and resources in DSC I suggest you don’t edit this file, but once comfy have fun and let me know what wonderful things you do. There are a few parts that I’m very proud of, and once I get the time I will write up an explanation of those sections.

The configuration data file holds the environmental information, i.e. server names, server roles, where the install bits are, etc. So let’s open up the file and look at it real quick. This is what mine looks like:

 

Now let’s talk about the first ‘node’ in ‘AllNodes’. This is a general node that applies to all client machines, and as you can see, by default we can DisableLoopbackCheck, install prereqs, and install SharePoint, amongst other things. If you do not want to do this, set the values to $false and DSC will skip it for all nodes.

Next, we will set up each of your server nodes. As you can see, we can configure them using MinRole or manually. For each server, create a new node by copying everything between the @{..} and separate each node with a comma. If you want to set services manually, set MinRole to Custom and then, for each server, set the services it will run to $True. Otherwise set the MinRole based on this article: https://technet.microsoft.com/en-us/library/mt667910(v=office.16).aspx. Also set the servername and other settings.

NOTE: Only 1 server in your farm can be the FirstServer, this is where DSC will run the configuration of all the Service Apps and other farm settings.

Next in the config data file is the section that helps configure DSC itself. Let’s look at those settings:

For DSCConfigPath, DSCConfigModulePath, and DSCConfigRegistryKeyFile you need to create the folders on the DSC server.

For DSCConfigServiceEndPoint you need to ensure that the FQDN points to your DSC Pull Server and that you have a cert to use. The cert can be self-signed or purchased thru a provider (a public cert is recommended for production).

DSCConfigSharePath and DSCConfigModuleShare are the shared paths for DSCConfigPath and DSCConfigModulePath.

For DSCConfigModuleOnline, if your server can access the internet then set this to $true.

DSCLocalFolder is a folder that is created on each node.

DSCServicePhysicalPath is the location where the DSC Service IIS site will maintain its files.

For DSCUseSecurityBestPractices I suggest you leave this set to $True, but here is more info to help you make that decision: https://github.com/PowerShell/xPSDesiredStateConfiguration

For DSCAcceptSelfSignedCertificates, set this to $true if you want to use self-signed certs.

For DSCConfigRegistryKey, run the command (New-Guid).guid and copy the result to this variable. It is the shared key used to secure node registration.

For InstalledModules, create an array of all modules you want installed on your DSC Pull server. My script requires the following:

    1. xSystemSecurity
    2. SharePointDsc
    3. xWebAdministration
    4. xCredSSP
    5. xDSCDiagnostics
    6. xPSDesiredStateConfiguration
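
A pre-deployment check for the security-relevant settings described above, as an added example (not part of the downloadable scripts). The key names come from this article; the nesting under `NonNodeData.DSCConfig`, the boolean `FirstServer` property, the full-URL form of the endpoint, the `Test-DscFarmConfigData` function name and all sample values are assumptions.

```powershell
# Constructed sample; key names are from the article, the nesting and all values are assumptions.
$ConfigData = @{
    AllNodes = @(
        @{ NodeName = '*';       DisableLoopbackCheck = $true },
        @{ NodeName = 'SP-APP1'; MinRole = 'Application'; FirstServer = $true },
        @{ NodeName = 'SP-WFE1'; MinRole = 'WebFrontEnd'; FirstServer = $false }
    )
    NonNodeData = @{
        DSCConfig = @{
            DSCConfigServiceEndPoint        = 'https://dsc.contoso.example:8080/PSDSCPullServer.svc'
            DSCUseSecurityBestPractices     = $true
            DSCAcceptSelfSignedCertificates = $true
            DSCConfigRegistryKey            = (New-Guid).Guid   # in the .psd1, paste the generated value
        }
    }
}

function Test-DscFarmConfigData {
    param([Parameter(Mandatory)][hashtable]$ConfigData, [switch]$Production)
    $dsc      = $ConfigData.NonNodeData.DSCConfig
    $findings = [System.Collections.Generic.List[string]]::new()

    # Only one server in the farm can be the FirstServer.
    $first = @($ConfigData.AllNodes | Where-Object { $_.FirstServer -eq $true })
    if ($first.Count -ne 1) { $findings.Add("Expected exactly 1 FirstServer, found $($first.Count)") }

    # The registration key is a shared secret: it must parse as a GUID and not be all zeros.
    $guid   = [guid]::Empty
    $isGuid = [guid]::TryParse([string]$dsc.DSCConfigRegistryKey, [ref]$guid)
    if (-not $isGuid -or $guid -eq [guid]::Empty) { $findings.Add('DSCConfigRegistryKey is missing or not a usable GUID') }

    # The endpoint needs a cert, so an absolute https:// URL is assumed here.
    $uri   = $null
    $isUri = [uri]::TryCreate([string]$dsc.DSCConfigServiceEndPoint, [System.UriKind]::Absolute, [ref]$uri)
    if (-not $isUri -or $uri.Scheme -ne 'https') { $findings.Add('DSCConfigServiceEndPoint is not an HTTPS URL') }

    # Settings the article recommends: best practices on, public cert in production.
    if ($dsc.DSCUseSecurityBestPractices -ne $true) { $findings.Add('DSCUseSecurityBestPractices is not $true') }
    if ($Production -and $dsc.DSCAcceptSelfSignedCertificates -eq $true) {
        $findings.Add('DSCAcceptSelfSignedCertificates is $true in a production configuration')
    }
    $findings
}

Test-DscFarmConfigData -ConfigData $ConfigData -Production
```

To check the real data file instead of the inline sample, load it with `Import-PowerShellDataFile` and adjust the key paths to match its actual layout.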

Finally, there are many other settings in the nonnodedata section which you can read thru, but I believe them to be fairly self-explanatory and won’t list all of them in this article as it would make the article drag on too long 😊 but if you are really having problems then please throw a question into the comment section and I will respond when I can.